Skip to main content

Cyber Democratic Influence

Volume 834: debated on Monday 11 December 2023


The following Statement was made in the House of Commons on Thursday 7 December.

“With permission, I will make a Statement about attempted cyber interference in British democracy. I know honourable and right honourable Members across this House will recognise the seriousness of this issue.

The Government have long highlighted the threat to the UK and our allies from malicious cyber activity conducted by the Russian intelligence services. I can confirm today that the Russian Federal Security Service, the FSB, is behind a sustained effort to interfere in our democratic processes. It has targeted Members of this House and the other place. It has been targeting civil servants, journalists and non-government organisations. It has been targeting high-profile individuals and entities with a clear intent, using information it obtains to meddle in British politics.

Madam Deputy Speaker, you and parliamentary security have been briefed on the details of that activity. We want to be as open as we can with the House and the British public. Our commitment to transparency stands in sharp contrast to the efforts of the KGB’s successors to exert influence from the shadows. What can we confirm today? I want to stress five particular points of our assessments.

First, Centre 18, a unit within Russia’s FSB, has been involved in a range of cyber-espionage operations targeting the UK.

Secondly, Star Blizzard, a cyber group that the National Cyber Security Centre assesses is almost certainly subordinate to Centre 18, is responsible for a range of malign activities targeting British parliamentarians from multiple parties.

Thirdly, using those means, the group has selectively leaked and amplified the release of sensitive information in service of Russia’s goals of confrontation. In 2020, when he was Foreign Secretary, my right honourable friend the Member for Esher and Walton (Dominic Raab) confirmed to the House that Russia had done that before the 2019 elections with documents related to UK-US trade. I can now confirm that we know Star Blizzard was involved in this operation.

Fourthly, these cyber actors use a combination of targeting, tailoring their operations in a far more sophisticated way than is usually the case with, for instance, commonplace cyber criminals. They typically engage in thorough research and preparation, including via social media and networking platforms. Having thus identified ways to engage a target, they create false accounts, impersonating contacts to appear legitimate, and create a believable approach, seeking to build a rapport before delivering a malicious link to either a document or website of interest. While they have targeted business and corporate emails, the group predominantly targets personal email addresses.

Finally, the targeting of this group is not limited to politicians, but includes public-facing figures and institutions of all types. We have seen impersonation and attempts to compromise email accounts across the public sector, universities, media, non-governmental organisations and wider civil society. Many of those individuals and organisations play a vital role in our democracy. As an example, the group was responsible for the 2018 hack of the Institute for Statecraft, a UK think tank whose work included initiatives to defend democracy against disinformation, and the more recent hack of its founder, whose account was compromised from 2021. In both cases, documents were subsequently leaked.

The Government’s assessment is based on extensive analysis from the UK intelligence community and supported by a range of close international partners. Today, allies from the Five Eyes and the Euro-Atlantic region are joining us in illuminating the pervasive nature of this threat to our shared democratic values. I pay tribute to the dedicated public servants, in our own agencies and those of our partners, whose painstaking work has allowed us to expose the reality of the threat we face.

Taken together, the UK Government judge that these actions demonstrate a clear and persistent pattern of behaviour. Russia’s attempted interference in political and democratic processes, through cyber or any other means, is unacceptable. I reassure the House that we have identified targeting of parliamentary colleagues and engaged with victims through both the National Cyber Security Centre and the parliamentary authorities.

The Government will continue to expose and respond to malign cyber activity, holding Russia accountable for its actions. To that end, the UK has designated two individuals under the UK’s cyber sanctions regime, following a thorough investigation by the National Crime Agency into the hack of the Institute for Statecraft. In doing so we send a clear message that these actions have consequences. This morning, the Foreign, Commonwealth and Development Office has summoned the Russian ambassador to the Foreign Office to convey that message.

We have robust systems in place to protect against the threat from foreign malign influence. The Minister for Security, my right honourable friend the Member for Tonbridge and Malling, Tom Tugendhat, leads the defending democracy taskforce, which drives work to improve our resilience against these threats. Our National Cyber Security Centre, alongside Five Eyes partners, today published a technical advisory to provide guidance to organisations and individuals at risk of being targeted to help defend against such attacks. We will continue to defend ourselves from adversaries who seek to threaten the freedoms that underpin our democracy. It is and always will be an absolute priority to protect our democracy and elections.

A key component of increasing our resilience is supporting the National Cyber Security Centre and parliamentary authorities to deliver an enhanced cyber-security offer to right honourable and honourable Members, and to Members of the other place, that aims to better protect them against this insidious threat and support the resilience of our lively democratic society. We hope that this statement helps to raise awareness of the threat and allows those in public life, in this House and beyond, to recognise how they may be targeted by such operations.

Russia has a long-established track record of reckless, indiscriminate and destabilising malicious cyber-activity, with impacts felt all over the world. In recent years, the Government have, alongside allies, uncovered numerous instances of Russian intelligence targeting of critical national infrastructure, for example. We have worked in close co-ordination with our intelligence partners to expose sophisticated cyber-espionage tools aimed at sensitive targets. The irony of Russia’s abusing the freedoms that it denies its own people to interfere in our politics will not be lost on anyone.

Of course, our political processes and institutions have endured in spite of those attacks, but the cyber threat posed by the Russian intelligence services is real and serious. All right honourable and honourable Members should pay careful attention to it in the course of their work and their daily lives. Many in this House may not consider themselves a potential victim. I want to underline to the whole House that the targeting can be extremely convincing. We must all play our part in exercising good cyber practices, using appropriate caution and following the good guidance of the National Cyber Security Centre and others to mitigate the threat. That is how we defend ourselves and our precious democracy. I commend this Statement to the House.”

My Lords, the Russian intelligence service effort to target Members of the Commons and this House, civil servants, journalists and NGOs is an attack not just on individuals but on British democracy, and I am sure Members across the House will join me in condemning it in the strongest possible terms. My right honourable friend David Lammy reminded the other place that next year will see elections not only in Britain but in the United States, India and the European Union, with more than 70 elections scheduled in 40 countries across the world.

Trust and confidence in our system of democracy will be undermined if we are unable to ensure it is free from such interference. Leo Doherty, the Minister, said that the Statement was made now

“to ensure that its full deterrent effect is properly timed”,

and he reminded the House that

“our duty is to remain ever vigilant”.

Can the Minister tell us how the Government are working with other countries that share our democratic values to monitor interference and co-ordinate a response to any attempts to influence our democratic processes?

In response to Labour’s call for a joint cell between the Home Office and the Foreign Office to speed up decision-making, the Minister in the other place said that he was confident that the Defending Democracy Taskforce, led by the Security Minister, represented a robust and cross-departmental response. However, he did acknowledge that on the wider picture of disinformation, we needed to

“up our game to counter disinformation, call Russia out and better resource and energise our own security posture in the cyber domain”.

The use of artificial intelligence and deepfakes to seed false narratives, spread lies and foment divisions through mainstream and social media is an increasing threat, as identified in the other place. Leo Doherty talked of

“an enhanced degree of resource, organisation and political will”.—[Official Report, Commons, 7/12/23; cols. 491-2.]

Can the Minster give us a little more detail on how this will be done?

Parliament has been united against Putin’s imperial aggression in Ukraine. The Opposition and the Government have been as one, and unity is a source of strength and pride. In the face of these threats, this House must remain united. Let me assure the House tonight that the Labour Party will work in partnership and full co-operation with the Government and all relevant authorities to take the necessary steps to address this threat and protect the integrity of our political process from hostile interference.

My Lords, I share the sentiment that we all need to work together in defending democracy. I thank the Government for the Statement, but this is not a surprise, as we have known for some years that people in Russia—in previous years in Ukraine—and Belarus have been doing their best to hack into British politics to spread disinformation and to influence what is going on. We also know about the Chinese attempts to do the same.

This is all part of the transformation of election campaigning since the digital revolution and social media have become so important. I look back to the first election in which I took part, in 1966, when achieving an article by my party leader in the News of the World was by far the most important thing I did in four weeks. We are now in an utterly different world. Perhaps I should add that this was partly because the article appeared against a half-page picture of the President of Indonesia’s fourth wife, who was extremely attractive. At least people will have read “Jo Grimond” in the headline.

I emphasise here wider issues about shared interests and how the Government and other parties should be encouraged to work together. At present, there is, if you look at all the opinion polls, a very low level of public trust in Westminster politics and the lowest level of trust in government as such. That suggests that the Government and other parties should be as transparent as possible about what is being done and as cross-party and non-partisan as possible.

I note that the Electoral Integrity Programme is part of DLUHC. That seems to me odd. It ought to be part of a stronger Electoral Commission. I regret that the Bill—now an Act—last year weakened the Electoral Commission, because this is central to our democracy. We need to have integrity which is guaranteed by a cross-party and non-party institution. Similarly, on a slightly different collection of issues, the Defending Democracy Taskforce was introduced very much as a government initiative without engaging much with the opposition parties. I suggest that, in reassuring the wider public and civil society and rebuilding the public trust which has been lost, some mechanism involving other parties and cross-party organisations with government activity in this field would be useful. It is not for the Executive to defend integrity and democracy—after all, sometimes it is the Executive who undermine democracy; it is for Parliament, the courts and other independent agencies.

I want to make a second wider point. We should not ignore attempts at foreign interference in our democratic processes by non-state actors, as well as state actors. The Minister in the other place, in replying to one of the questions, said:

“I am pleased that in our domestic legislation we have the ability to ensure that countries with malign intent do not use think-tanks or other fronts to influence domestic political discourse in a way that is contrary to the health of our democracy”.—[Official Report, Commons, 7/12/23; col. 492.]

I agree with that, and I am concerned that there are now a number of extremely well-funded, very right-wing American organisations, on the edge of being anti-democratic, which are doing their best to interfere in British politics and which are putting funds into party factions, into conferences that take place in London and into think tanks. This is non-transparent and, I suggest, ought to be included in the integrity issue of foreign money flowing into British politics.

We have all witnessed the deterioration of American political campaigning and debate in recent years. We have a shared interest in preventing the UK following down that road. That needs to be part of how we prevent that happening, with conspiracy theories creeping into this country and so on. Free and fair elections depend on free and open debate, in which respect for facts and evidence is shared on all sides—a quality that has now been almost entirely lost in American campaigning. We need to make sure it is not lost here.

My Lords, I thank both noble Lords for the unified front we are all showing against this appalling attack, recognising that this is just part of a world of increasing insecurity and increasing threats to us.

The noble Lord, Lord Collins, referred to the need to up our game. A few years ago, we all heard about these bot farms that were targeting people in a broad and uncomplicated kind of way. What we have identified with this attack is how highly targeted it is and how it is targeted towards the very heart of our democracy—the values that we all espouse in a free and open society. It is not just parliamentarians who have been attacked; it is the whole variety of different sections of our society, which are at the heart of what makes us a free and open society. They targeted political figures, civil servants, journalists and NGOs, all with the intent to meddle in British political and democratic processes.

We need to understand that Centre 18, a unit within Russia’s FSB, has been involved in a range of cyber-espionage operations targeting the UK and that the so-called Star Blizzard, a cyber group that is almost certainly subordinate to Centre 18, is responsible for a range of malign activities targeting British parliamentarians from multiple parties. It is worth noting that that group has selectively leaked and amplified the release of sensitive information in the service of Russia’s confrontative goals, and that these cyber actors used a combination of targeting, tailoring their operations in a far more sophisticated way than is usually the case. This targeting is not limited to politicians but includes public-facing figures from all parts of society.

The noble Lord, Lord Collins, talked about how we are working with our international partners. We engage international partners on issues of mutual concern. We are grateful for the support of very many international partners that have provided information, but we obviously will not go into detail on any specific contributions or types of engagement. Noble Lords will have seen the sheer breadth and depth in unity from our like-minded partners and allies who have joined us in calling out this malicious activity. The US is a long-standing ally, as are other Five Eyes members, and we will continue to engage with it on issues of mutual concern. We are grateful for the support the US has provided and will continue to work with it and all partners which seek to protect our democracy.

The noble Lord, Lord Collins, said that, in order to up our game, we have to make sure that we have the resources necessary for our institutions and organisations to protect us. This was a complex operation and we have been working hand in glove with our partners to identify those responsible and hold them to account. The activity announced last week is part of a broader pattern of malign cyberactivity conducted by the Russian intelligence services across the globe. The United Kingdom has been continuing to bolster its resilience since 2018 against both the Russian and wider cyber threats. We continue to invest to bolster our cyber defences in support of our national cyber strategy. His Majesty’s Government are investing £2.6 billion in cyber and legacy IT until 2024-25, including a £140 million increase in the national cybersecurity programme.

The noble Lord raised a very important point about the number of elections taking place in those 40 countries—that will be 4 billion people exercising their right to self-determination about who governs them. There is no more fundamental basis for a free society than that, and we want to assist all those countries in any way we can. The level of technical expertise in this country, and our strategy, have been widely acclaimed and have the support of all political parties in this country. We want to make sure that we are sharing that expertise with other countries.

The noble Lord, Lord Wallace, mentioned other countries, and of course we are acute to threats of this type of activity from other countries. He is right to point out how they are reaching the electorate. In elections past, it was a simple matter of the media as the most basic way in which people got information that informed their political views, but now, through social media and the malign intent of certain individuals, people can be led to a false conclusion. We want to make sure that we are transparent and open.

Elections in this country are run by local authorities, and we are doing everything we can to assist them to make sure that their defences are robust, recognising that next year there is an important election. We are supporting them. DLUHC, the department that interfaces with local government, is working with local authorities, but it is a cross-government activity.

The final point the noble Lord made was about non-state actors, and he is absolutely right. We need to have measures in place to fact-check when people are using malign and false content in order to influence people. In certain constituencies, there will be a very few people who can sway that constituency one way or another. If they are being approached in the kind of way that this kind of attack has proved, we want to make sure that we have defences that can be deployed and that we can inform people that they have been the subject of this kind of attack.

My Lords, I very much welcome the Minister mentioning local authorities and ensuring that they are robust in the most vulnerable period—when votes are being cast—but what discussions are being held with the political parties specifically? They hold sensitive data. If I wanted to cause major disruption on polling day, I would be worried about the security of data held by political parties. Can the Minister assure me that thought is being given to that?

The noble Baroness was a member of the Intelligence and Security Committee with me. She was very much part of this debate for many years and has great expertise. She is right. Political parties need to be assisted through the National Cyber Security Centre and the national cybersecurity strategy to protect their data. She is right that we have seen elections in other parts of the world—and there have been some suggestions that we had attacks closer to home—in which these kinds of data breaches have resulted in a key moment in an election being difficult to manage. We want to assist every political party. Everyone can have access to it. It is not just Members of both Houses and the staff who work in this place but the political offices and constituency operations run by political parties right across the country that need access to this to be aware, resilient and absolutely sure that their systems are properly protected. It is in all our interests to make sure that we have clean, fair, open elections and that people are protected from this kind of attack.

My Lords, the war in Ukraine has been significant for a change of approach in UK government policy with regard to intelligence. We have been proactively releasing military intelligence about what we expect Russia to do into the public domain ahead of events, and this has undoubtedly influenced what Russia then does. There are parallels to this area. It is one thing reactively trying to attribute actions to Russia after the event, but would we consider doing exactly the same when it comes to this, hopefully influencing Russia and preventing it acting in the first place?

Our response to this attack is quite clear. The Russian ambassador was called in to the Foreign Office, and we have sanctioned two individuals who worked for this organisation. The investigation is ongoing, and we will take all steps necessary to make Russia understand that it is not worth its while doing this kind of work. We know that actions of misinformation are as old as the Soviet Union, and go right back to many activities happening in the days of the old KGB. What the FSB and organisations within it are now doing is absolutely an extension of that. They are using their technology to target us in different ways.

The UK has worked with Ukraine to increase its resilience in cyberspace over several years. This has included measures to enhance its incident response, forensics and assessment processes. We are providing £6.35 million in cyber support to Ukraine as part of the UK’s Conflict, Stability and Security Fund. This includes technical assistance to the MFA to protect its websites from distributed denial-of-service attacks and provide daily cyber threat intelligence. Increasing resilience is an ongoing process, and we are committed to increasing our efforts. We cannot go into further details of the support we are providing, but we are working with all our allies to make sure that countries such as Ukraine can withstand a relentless attack, not just physical kinetic warfare but in cyberspace as well.